www.media-qurator.com Open in urlscan Pro
44.238.164.117 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.media-qurator.com/uni/ls/click?upn=UlEEKLTsDTB6trtHJdTLVpi1B9BRN-2FRrKT1bxwfmnLWPvESKFeGvp-2FN07yPCuouoDmD4bPpaJIy...
Effective URL:
https://www.media-qurator.com/submission/report/47052
Submission: On June 22 via manual (June 22nd 2021, 3:31:44 pm UTC) from US

Summary HTTP 26 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 26 HTTP transactions. The main IP is 44.238.164.117, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.media-qurator.com.
TLS certificate: Issued by Amazon on January 29th 2021. Valid for: a year.

This is the only time www.media-qurator.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	44.238.164.117 44.238.164.117	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::6815:327f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
7	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	9

12 44.238.164.117 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-164-117.us-west-2.compute.amazonaws.com

links.media-qurator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.media-qurator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:327f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-ingest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	media-qurator.com 1 redirects links.media-qurator.com www.media-qurator.com	4 MB
9	tawk.to embed.tawk.to va.tawk.to	119 KB
1	google-analytics.com www.google-analytics.com	19 KB
1	lr-ingest.io cdn.lr-ingest.io	132 KB
1	googleapis.com fonts.googleapis.com	566 B
1	gstatic.com www.gstatic.com	133 KB
1	google.com www.google.com	676 B
26	7

	Domain	Requested by
11	www.media-qurator.com	www.media-qurator.com
8	embed.tawk.to	www.media-qurator.com embed.tawk.to
1	va.tawk.to	www.media-qurator.com
1	www.google-analytics.com	www.media-qurator.com
1	cdn.lr-ingest.io	www.media-qurator.com
1	fonts.googleapis.com	www.media-qurator.com
1	www.gstatic.com	www.google.com
1	www.google.com	www.media-qurator.com
1	links.media-qurator.com	1 redirects
26	9

This site contains links to these domains. Also see Links.

Domain
corp.media-qurator.com

Subject Issuer	Validity	Valid
*.media-qurator.com Amazon	`2021-01-29` - `2022-02-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.media-qurator.com/submission/report/47052
Frame ID: AEA76F6A098853F6CCB214E0D2FB2FAD
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://links.media-qurator.com/uni/ls/click?upn=UlEEKLTsDTB6trtHJdTLVpi1B9BRN-2FRrKT1bxwfmnLWPvESKFeGvp-2FN... HTTP 302
https://www.media-qurator.com/submission/report/47052 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Semantic-ui (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+semantic(?:\.min)\.css"/i

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

script /\/\/embed\.tawk\.to/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

26
Requests

96 %
HTTPS

88 %
IPv6

7
Domains

9
Subdomains

9
IPs

2
Countries

4571 kB
Transfer

15291 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://corp.media-qurator.com/2020/03/covid-19/
Title: COVID-19 Availability Status

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.media-qurator.com/uni/ls/click?upn=UlEEKLTsDTB6trtHJdTLVpi1B9BRN-2FRrKT1bxwfmnLWPvESKFeGvp-2FN07yPCuouoDmD4bPpaJIyobUJy1GDeVg-3D-3Dls_F_t0Z8Gam-2FRmpyacbszsvguQtgtJMYThOx3d7pxhjp2spv-2B6kU8baYuO7Jj-2Fbk2SJJE5jcQDtzy56773Tbqn6PD7ceeGwwfgLJTwHyGfQe2bBIq2hEYJH5Cche-2FKeBu9F5wXmblcRMnzMsTBw9Y-2FRrsRbGGKVZK3hMQBjgt1RtQUR7FqfHvUJnA4oqPvhj6hGV6ZyqlCtXTtfR-2BgqCyB0BMQ-3D-3D HTTP 302
https://www.media-qurator.com/submission/report/47052 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request 47052 Show response
www.media-qurator.com/submission/report/
Redirect Chain

https://links.media-qurator.com/uni/ls/click?upn=UlEEKLTsDTB6trtHJdTLVpi1B9BRN-2FRrKT1bxwfmnLWPvESKFeGvp-2FN07yPCuouoDmD4bPpaJIyobUJy1GDeVg-3D-3Dls_F_t0Z8Gam-2FRmpyacbszsvguQtgtJMYThOx3d7pxhjp2spv-...
https://www.media-qurator.com/submission/report/47052

2 KB
2 KB

796ms
197ms

Document
text/html

44.238.164.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.media-qurator.com/submission/report/47052

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.164.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-164-117.us-west-2.compute.amazonaws.com

Software

nginx/1.13.9 /

Resource Hash

34c049931d6e43ccbf022f82ed0db600452fa40cc93f8ddc3210e016b8f77440

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: .media-qurator.com .licensekeyserver.com .s3.amazonaws.com .s3.us-west-2.amazonaws.com .boxcdn.net .box.com .boxcloud.com .google.com .google-analytics.com .googleapis.com .gstatic.com .sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com .zopim.com wss://.zopim.com .zopim.io .zendesk.com .tawk.to wss://.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://.logrocket.io https://.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.media-qurator.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: *.media-qurator.com *.licensekeyserver.com *.s3.amazonaws.com *.s3.us-west-2.amazonaws.com *.boxcdn.net *.box.com *.boxcloud.com *.google.com *.google-analytics.com *.googleapis.com *.gstatic.com *.sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com *.zopim.com wss://*.zopim.com *.zopim.io *.zendesk.com *.tawk.to wss://*.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://*.logrocket.io https://*.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
Content-Type: text/html
Date: Tue, 22 Jun 2021 15:31:24 GMT
ETag: W/"605e2485-7e9"
Expires: 0
Last-Modified: Fri, 26 Mar 2021 18:14:29 GMT
Server: nginx/1.13.9
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 997
Connection: keep-alive

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Tue, 22 Jun 2021 15:31:23 GMT
Location: https://www.media-qurator.com/submission/report/47052
Server: nginx/1.13.9
X-Robots-Tag: noindex, nofollow
Content-Length: 76
Connection: keep-alive

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
676 B 16ms
14ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: www.media-qurator.com
URL: https://www.media-qurator.com/submission/report/47052

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8e93d7226bf7286091084529e0c6e2f0d81196f71d01002df0caf3900e1c63b4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.media-qurator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 1; mode=block
expires: Tue, 22 Jun 2021 15:31:24 GMT

GET
H/1.1 200
OK 0.048f71338282ed7dba19.css
www.media-qurator.com/ 165 KB
41 KB 372ms
371ms Stylesheet
text/css 44.238.164.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.media-qurator.com/0.048f71338282ed7dba19.css

Requested by

Host: www.media-qurator.com
URL: https://www.media-qurator.com/submission/report/47052

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.164.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-164-117.us-west-2.compute.amazonaws.com

Software

nginx/1.13.9 /

Resource Hash

88f5f804cbbdde6c6a0b9141af723ad459ab40fa7a7b3ffa9b9e9d5015f26807

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: .media-qurator.com .licensekeyserver.com .s3.amazonaws.com .s3.us-west-2.amazonaws.com .boxcdn.net .box.com .boxcloud.com .google.com .google-analytics.com .googleapis.com .gstatic.com .sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com .zopim.com wss://.zopim.com .zopim.io .zendesk.com .tawk.to wss://.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://.logrocket.io https://.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.media-qurator.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.media-qurator.com/submission/report/47052
Connection: keep-alive
Referer: https://www.media-qurator.com/submission/report/47052
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: *.media-qurator.com *.licensekeyserver.com *.s3.amazonaws.com *.s3.us-west-2.amazonaws.com *.boxcdn.net *.box.com *.boxcloud.com *.google.com *.google-analytics.com *.googleapis.com *.gstatic.com *.sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com *.zopim.com wss://*.zopim.com *.zopim.io *.zendesk.com *.tawk.to wss://*.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://*.logrocket.io https://*.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Mar 2021 18:14:28 GMT
Server: nginx/1.13.9
ETag: W/"605e2484-29505"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: text/css
Cache-Control: max-age=86400
Date: Tue, 22 Jun 2021 15:31:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
transfer-encoding: chunked
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK app.527d3ff2ac18e2060221.css
www.media-qurator.com/ 1 MB
252 KB 762ms
379ms Stylesheet
text/css 44.238.164.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.media-qurator.com/app.527d3ff2ac18e2060221.css

Requested by

Host: www.media-qurator.com
URL: https://www.media-qurator.com/submission/report/47052

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.164.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-164-117.us-west-2.compute.amazonaws.com

Software

nginx/1.13.9 /

Resource Hash

394d0208a7de1d025ef65acd3ff45a7aff16e7ec87a52d3a75b2c313084a9f81

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: .media-qurator.com .licensekeyserver.com .s3.amazonaws.com .s3.us-west-2.amazonaws.com .boxcdn.net .box.com .boxcloud.com .google.com .google-analytics.com .googleapis.com .gstatic.com .sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com .zopim.com wss://.zopim.com .zopim.io .zendesk.com .tawk.to wss://.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://.logrocket.io https://.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.media-qurator.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.media-qurator.com/submission/report/47052
Connection: keep-alive
Referer: https://www.media-qurator.com/submission/report/47052
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: *.media-qurator.com *.licensekeyserver.com *.s3.amazonaws.com *.s3.us-west-2.amazonaws.com *.boxcdn.net *.box.com *.boxcloud.com *.google.com *.google-analytics.com *.googleapis.com *.gstatic.com *.sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com *.zopim.com wss://*.zopim.com *.zopim.io *.zendesk.com *.tawk.to wss://*.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://*.logrocket.io https://*.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Mar 2021 18:14:28 GMT
Server: nginx/1.13.9
ETag: W/"605e2484-102f59"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: text/css
Cache-Control: max-age=86400
Date: Tue, 22 Jun 2021 15:31:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
transfer-encoding: chunked
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK vendors.75eb7349.chunk.js Show response
www.media-qurator.com/ 8 MB
2 MB 591ms
205ms Script
application/javascript 44.238.164.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.media-qurator.com/vendors.75eb7349.chunk.js

Requested by

Host: www.media-qurator.com
URL: https://www.media-qurator.com/submission/report/47052

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.164.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-164-117.us-west-2.compute.amazonaws.com

Software

nginx/1.13.9 /

Resource Hash

3c7a9957261e6011a3a43f78c41a3968c90682440fc6aa54f27c66e88c598dce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: .media-qurator.com .licensekeyserver.com .s3.amazonaws.com .s3.us-west-2.amazonaws.com .boxcdn.net .box.com .boxcloud.com .google.com .google-analytics.com .googleapis.com .gstatic.com .sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com .zopim.com wss://.zopim.com .zopim.io .zendesk.com .tawk.to wss://.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://.logrocket.io https://.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.media-qurator.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.media-qurator.com/submission/report/47052
Connection: keep-alive
Referer: https://www.media-qurator.com/submission/report/47052
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: *.media-qurator.com *.licensekeyserver.com *.s3.amazonaws.com *.s3.us-west-2.amazonaws.com *.boxcdn.net *.box.com *.boxcloud.com *.google.com *.google-analytics.com *.googleapis.com *.gstatic.com *.sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com *.zopim.com wss://*.zopim.com *.zopim.io *.zendesk.com *.tawk.to wss://*.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://*.logrocket.io https://*.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Mar 2021 18:14:28 GMT
Server: nginx/1.13.9
ETag: W/"605e2484-7e8abd"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=86400
Date: Tue, 22 Jun 2021 15:31:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
transfer-encoding: chunked
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK app.75eb7349.js Show response
www.media-qurator.com/ 3 MB
1020 KB 764ms
378ms Script
application/javascript 44.238.164.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.media-qurator.com/app.75eb7349.js

Requested by

Host: www.media-qurator.com
URL: https://www.media-qurator.com/submission/report/47052

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.164.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-164-117.us-west-2.compute.amazonaws.com

Software

nginx/1.13.9 /

Resource Hash

82d6fc4c3696a39cd702d55c123391e2ffe4b6c01b7af6171317482dd9d3dfd2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: .media-qurator.com .licensekeyserver.com .s3.amazonaws.com .s3.us-west-2.amazonaws.com .boxcdn.net .box.com .boxcloud.com .google.com .google-analytics.com .googleapis.com .gstatic.com .sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com .zopim.com wss://.zopim.com .zopim.io .zendesk.com .tawk.to wss://.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://.logrocket.io https://.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.media-qurator.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.media-qurator.com/submission/report/47052
Connection: keep-alive
Referer: https://www.media-qurator.com/submission/report/47052
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: *.media-qurator.com *.licensekeyserver.com *.s3.amazonaws.com *.s3.us-west-2.amazonaws.com *.boxcdn.net *.box.com *.boxcloud.com *.google.com *.google-analytics.com *.googleapis.com *.gstatic.com *.sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com *.zopim.com wss://*.zopim.com *.zopim.io *.zendesk.com *.tawk.to wss://*.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://*.logrocket.io https://*.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Mar 2021 18:14:28 GMT
Server: nginx/1.13.9
ETag: W/"605e2484-35ec2a"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=86400
Date: Tue, 22 Jun 2021 15:31:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
transfer-encoding: chunked
X-XSS-Protection: 1; mode=block

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/ 341 KB
133 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ab6a25b3bfe17a0705d5017781df867ba5ccb3238943115697016ffd35e19e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.media-qurator.com
Referer: https://www.media-qurator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 14:32:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135774
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 23:22:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jun 2022 14:32:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
566 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Requested by

Host: www.media-qurator.com
URL: https://www.media-qurator.com/app.527d3ff2ac18e2060221.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20568af44ab9b900de7d9f4d286cb26181af272d5ca6d1bb0789ae5483003643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.media-qurator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 15:12:39 GMT
server: ESF
date: Tue, 22 Jun 2021 15:31:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Jun 2021 15:31:26 GMT

GET
H2 200 logger-1.min.js Show response
cdn.lr-ingest.io/ 715 KB
132 KB 47ms
47ms Script
text/javascript 2606:4700:3035::6815:327f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-ingest.io/logger-1.min.js

Requested by

Host: www.media-qurator.com
URL: https://www.media-qurator.com/vendors.75eb7349.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:327f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e34f7ea735237115e95c00d0f227791bbd0e6bae64c3ba5bce2db783edbe133d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://www.media-qurator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:31:26 GMT
content-encoding: br
vary: x-fh-requested-host, accept-encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 13
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad5f21b7e00004a74d524b000000001
x-served-by: cache-fra19149-FRA
last-modified: Mon, 21 Jun 2021 19:54:07 GMT
server: cloudflare
x-timer: S1624305437.222696,VS0,VE1
etag: W/"c3da9b79c0f6d1c7ecf3cdd45e49bae6cff6c4384338a415b2e4983223bca197"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31556926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uspOLzY%2BCg33XOIxdAV4eL9R6gHPhD7h2MfFhh7uDp5%2Bh2W0h6js3DTNC5m97FrnCbR7noARnEwVvFU5ipG%2BhnZqeeBPkUkyAa53hS7KNAS2IgAYTSNN9HkH0cuXGckwNxGU3SdWmtz%2BOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 6636860bf87c4a74-FRA
x-cache-hits: 1

GET
H2 200 default Show response
embed.tawk.to/5ac717c94b401e45400e64fa/ 2 KB
624 B 625ms
624ms Script
application/x-javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5ac717c94b401e45400e64fa/default

Requested by

Host: www.media-qurator.com
URL: https://www.media-qurator.com/app.75eb7349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dc37503c1b37476f6652fdf2c26f74053ed263bb5af9efcee3c1a21d374f665

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.media-qurator.com
Referer: https://www.media-qurator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:31:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
etag: W/"stable-v4-60d19012b18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 6636860c3a1f4e79-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad5f21ba200004e79c4a1e000000001

GET
H/1.1 200
OK logo.png
www.media-qurator.com/images/ 2 KB
3 KB 198ms
196ms Image
image/png 44.238.164.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.media-qurator.com/images/logo.png

Requested by

Host: www.media-qurator.com
URL: https://www.media-qurator.com/app.527d3ff2ac18e2060221.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.164.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-164-117.us-west-2.compute.amazonaws.com

Software

nginx/1.13.9 /

Resource Hash

95fc03823da1b0ce2acb684a17e8234b7590d968a10c20d9744f58e56259e636

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: .media-qurator.com .licensekeyserver.com .s3.amazonaws.com .s3.us-west-2.amazonaws.com .boxcdn.net .box.com .boxcloud.com .google.com .google-analytics.com .googleapis.com .gstatic.com .sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com .zopim.com wss://.zopim.com .zopim.io .zendesk.com .tawk.to wss://.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://.logrocket.io https://.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.media-qurator.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.media-qurator.com/app.527d3ff2ac18e2060221.css
Connection: keep-alive
Referer: https://www.media-qurator.com/app.527d3ff2ac18e2060221.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: *.media-qurator.com *.licensekeyserver.com *.s3.amazonaws.com *.s3.us-west-2.amazonaws.com *.boxcdn.net *.box.com *.boxcloud.com *.google.com *.google-analytics.com *.googleapis.com *.gstatic.com *.sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com *.zopim.com wss://*.zopim.com *.zopim.io *.zendesk.com *.tawk.to wss://*.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://*.logrocket.io https://*.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Mar 2021 18:14:28 GMT
Server: nginx/1.13.9
ETag: "605e2484-7b9"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=86400
Date: Tue, 22 Jun 2021 15:31:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes
Content-Length: 1977
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Lato-Regular_1OkyeQ.woff2
www.media-qurator.com/fonts/ 29 KB
30 KB 200ms
198ms Font
application/font-woff2 44.238.164.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.media-qurator.com/fonts/Lato-Regular_1OkyeQ.woff2

Requested by

Host: www.media-qurator.com
URL: https://www.media-qurator.com/app.527d3ff2ac18e2060221.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.164.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-164-117.us-west-2.compute.amazonaws.com

Software

nginx/1.13.9 /

Resource Hash

6106020992214e059be0c1af11b07e0019cb218451dda6d375d319ed0c6e27fa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: .media-qurator.com .licensekeyserver.com .s3.amazonaws.com .s3.us-west-2.amazonaws.com .boxcdn.net .box.com .boxcloud.com .google.com .google-analytics.com .googleapis.com .gstatic.com .sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com .zopim.com wss://.zopim.com .zopim.io .zendesk.com .tawk.to wss://.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://.logrocket.io https://.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.media-qurator.com
Accept-Encoding: gzip, deflate, br
Host: www.media-qurator.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.media-qurator.com/app.527d3ff2ac18e2060221.css
Connection: keep-alive
Origin: https://www.media-qurator.com
Referer: https://www.media-qurator.com/app.527d3ff2ac18e2060221.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: *.media-qurator.com *.licensekeyserver.com *.s3.amazonaws.com *.s3.us-west-2.amazonaws.com *.boxcdn.net *.box.com *.boxcloud.com *.google.com *.google-analytics.com *.googleapis.com *.gstatic.com *.sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com *.zopim.com wss://*.zopim.com *.zopim.io *.zendesk.com *.tawk.to wss://*.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://*.logrocket.io https://*.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Mar 2021 18:14:28 GMT
Server: nginx/1.13.9
ETag: "605e2484-7278"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/font-woff2
Cache-Control: max-age=86400
Date: Tue, 22 Jun 2021 15:31:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes
Content-Length: 29304
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Lato-Bold_23gq4F.woff2
www.media-qurator.com/fonts/ 28 KB
29 KB 196ms
195ms Font
application/font-woff2 44.238.164.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.media-qurator.com/fonts/Lato-Bold_23gq4F.woff2

Requested by

Host: www.media-qurator.com
URL: https://www.media-qurator.com/app.527d3ff2ac18e2060221.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.164.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-164-117.us-west-2.compute.amazonaws.com

Software

nginx/1.13.9 /

Resource Hash

d956c579571349ff1bd90b76fae5b58ea365a51c945ee9c34d2ed1f4d9530ddb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: .media-qurator.com .licensekeyserver.com .s3.amazonaws.com .s3.us-west-2.amazonaws.com .boxcdn.net .box.com .boxcloud.com .google.com .google-analytics.com .googleapis.com .gstatic.com .sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com .zopim.com wss://.zopim.com .zopim.io .zendesk.com .tawk.to wss://.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://.logrocket.io https://.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.media-qurator.com
Accept-Encoding: gzip, deflate, br
Host: www.media-qurator.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.media-qurator.com/app.527d3ff2ac18e2060221.css
Connection: keep-alive
Origin: https://www.media-qurator.com
Referer: https://www.media-qurator.com/app.527d3ff2ac18e2060221.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: *.media-qurator.com *.licensekeyserver.com *.s3.amazonaws.com *.s3.us-west-2.amazonaws.com *.boxcdn.net *.box.com *.boxcloud.com *.google.com *.google-analytics.com *.googleapis.com *.gstatic.com *.sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com *.zopim.com wss://*.zopim.com *.zopim.io *.zendesk.com *.tawk.to wss://*.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://*.logrocket.io https://*.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Mar 2021 18:14:28 GMT
Server: nginx/1.13.9
ETag: "605e2484-7068"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/font-woff2
Cache-Control: max-age=86400
Date: Tue, 22 Jun 2021 15:31:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes
Content-Length: 28776
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Lato-Black_2AcQNL.woff2
www.media-qurator.com/fonts/ 28 KB
29 KB 372ms
371ms Font
application/font-woff2 44.238.164.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.media-qurator.com/fonts/Lato-Black_2AcQNL.woff2

Requested by

Host: www.media-qurator.com
URL: https://www.media-qurator.com/app.527d3ff2ac18e2060221.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.164.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-164-117.us-west-2.compute.amazonaws.com

Software

nginx/1.13.9 /

Resource Hash

464741f5b64bccbe3ceb9727fcfda701785e85786e25856b4eea54b22a4b4ca0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: .media-qurator.com .licensekeyserver.com .s3.amazonaws.com .s3.us-west-2.amazonaws.com .boxcdn.net .box.com .boxcloud.com .google.com .google-analytics.com .googleapis.com .gstatic.com .sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com .zopim.com wss://.zopim.com .zopim.io .zendesk.com .tawk.to wss://.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://.logrocket.io https://.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.media-qurator.com
Accept-Encoding: gzip, deflate, br
Host: www.media-qurator.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.media-qurator.com/app.527d3ff2ac18e2060221.css
Connection: keep-alive
Origin: https://www.media-qurator.com
Referer: https://www.media-qurator.com/app.527d3ff2ac18e2060221.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: *.media-qurator.com *.licensekeyserver.com *.s3.amazonaws.com *.s3.us-west-2.amazonaws.com *.boxcdn.net *.box.com *.boxcloud.com *.google.com *.google-analytics.com *.googleapis.com *.gstatic.com *.sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com *.zopim.com wss://*.zopim.com *.zopim.io *.zendesk.com *.tawk.to wss://*.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://*.logrocket.io https://*.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Mar 2021 18:14:28 GMT
Server: nginx/1.13.9
ETag: "605e2484-6eb8"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/font-woff2
Cache-Control: max-age=86400
Date: Tue, 22 Jun 2021 15:31:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes
Content-Length: 28344
X-XSS-Protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.media-qurator.com
URL: https://www.media-qurator.com/vendors.75eb7349.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.media-qurator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 4006
date: Tue, 22 Jun 2021 14:24:40 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Tue, 22 Jun 2021 16:24:40 GMT

GET
H/1.1 200
OK refreshToken.worker.22d40f41.worker.js
www.media-qurator.com/ 359 KB
105 KB 344ms
197ms Other
application/javascript 44.238.164.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.media-qurator.com/refreshToken.worker.22d40f41.worker.js

Requested by

Host: www.media-qurator.com
URL: https://www.media-qurator.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.164.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-164-117.us-west-2.compute.amazonaws.com

Software

nginx/1.13.9 /

Resource Hash

aa1d145ff08b4c807496405e30820fdf89e46175ca7c318c83f14b3cd88ad4c9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: .media-qurator.com .licensekeyserver.com .s3.amazonaws.com .s3.us-west-2.amazonaws.com .boxcdn.net .box.com .boxcloud.com .google.com .google-analytics.com .googleapis.com .gstatic.com .sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com .zopim.com wss://.zopim.com .zopim.io .zendesk.com .tawk.to wss://.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://.logrocket.io https://.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.media-qurator.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: same-origin
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: worker
Referer: https://www.media-qurator.com/login
Connection: keep-alive
Referer: https://www.media-qurator.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: *.media-qurator.com *.licensekeyserver.com *.s3.amazonaws.com *.s3.us-west-2.amazonaws.com *.boxcdn.net *.box.com *.boxcloud.com *.google.com *.google-analytics.com *.googleapis.com *.gstatic.com *.sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com *.zopim.com wss://*.zopim.com *.zopim.io *.zendesk.com *.tawk.to wss://*.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://*.logrocket.io https://*.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Mar 2021 18:14:28 GMT
Server: nginx/1.13.9
ETag: W/"605e2484-59bfb"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=86400
Date: Tue, 22 Jun 2021 15:31:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
transfer-encoding: chunked
X-XSS-Protection: 1; mode=block

GET
BLOB 200
OK ecffafef-a2a9-4772-8588-e38862c5932e
https://www.media-qurator.com/ 406 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.media-qurator.com/ecffafef-a2a9-4772-8588-e38862c5932e
Requested by: Host: www.media-qurator.com
URL: https://www.media-qurator.com/login
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11aa729f082d52228a03462f45bdd73eaee882ce1ecfe5f8f4f462dd3317518c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 416161

GET
H3-29 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/60d19012b18/js/ 121 B
533 B 187ms
185ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5ac717c94b401e45400e64fa/default

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.media-qurator.com
Referer: https://www.media-qurator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:31:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad5f21e1b000063590cbc9000000001
last-modified: Tue, 22 Jun 2021 07:25:29 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 663686102b616359-FRA

GET
H3-29 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/60d19012b18/js/ 76 KB
26 KB 349ms
347ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5ac717c94b401e45400e64fa/default

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.media-qurator.com
Referer: https://www.media-qurator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:31:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad5f21e1b00006359ed3a3000000001
last-modified: Tue, 22 Jun 2021 07:25:29 GMT
server: cloudflare
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 663686102b606359-FRA

GET
H3-29 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/60d19012b18/js/ 190 KB
53 KB 956ms
954ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5ac717c94b401e45400e64fa/default

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b082db3eecd020183abb7c2ac281a2ed6c0b28828aa868ea901d8980b9861964

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.media-qurator.com
Referer: https://www.media-qurator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:31:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad5f21e1c00006359fa356000000001
last-modified: Tue, 22 Jun 2021 07:25:29 GMT
server: cloudflare
etag: W/"f68837b24b4e376e2e783a5c9e81606f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 663686102b626359-FRA

GET
H3-29 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/60d19012b18/js/ 136 KB
32 KB 366ms
365ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5ac717c94b401e45400e64fa/default

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6177e36080bd679cdaf96178b61bfe5484b4e1a4c140f96af411c2a642e2c1f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.media-qurator.com
Referer: https://www.media-qurator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:31:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad5f21e1c0000635904983000000001
last-modified: Tue, 22 Jun 2021 07:25:29 GMT
server: cloudflare
etag: W/"7ebcecd1148846c4918fe36b133aa2ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 663686102b636359-FRA

GET
H3-29 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/60d19012b18/js/ 2 KB
1 KB 188ms
187ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5ac717c94b401e45400e64fa/default

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5847165b3635f91f5348803812b44487a43ca33d99fd5f018cfa904be7fa267

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.media-qurator.com
Referer: https://www.media-qurator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:31:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad5f21e1d00006359fa357000000001
last-modified: Tue, 22 Jun 2021 07:25:29 GMT
server: cloudflare
etag: W/"88a8779575d0c2dea25b707e96429d50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 663686102b646359-FRA

GET
H3-29 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/60d19012b18/js/ 151 B
521 B 196ms
195ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5ac717c94b401e45400e64fa/default

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.media-qurator.com
Referer: https://www.media-qurator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:31:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad5f21e1d00006359eea5b000000001
last-modified: Tue, 22 Jun 2021 07:25:29 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 663686102b656359-FRA

GET
H/1.1 200
OK thin-icons_M7dkW-.woff2
www.media-qurator.com/fonts/ 153 KB
154 KB 196ms
196ms Font
application/font-woff2 44.238.164.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.media-qurator.com/fonts/thin-icons_M7dkW-.woff2

Requested by

Host: www.media-qurator.com
URL: https://www.media-qurator.com/app.527d3ff2ac18e2060221.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.164.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-164-117.us-west-2.compute.amazonaws.com

Software

nginx/1.13.9 /

Resource Hash

ecaf1bdac83aed4f44449b88c396b8fbbe2854bad9e1d65343af86ac35f88abf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: .media-qurator.com .licensekeyserver.com .s3.amazonaws.com .s3.us-west-2.amazonaws.com .boxcdn.net .box.com .boxcloud.com .google.com .google-analytics.com .googleapis.com .gstatic.com .sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com .zopim.com wss://.zopim.com .zopim.io .zendesk.com .tawk.to wss://.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://.logrocket.io https://.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.media-qurator.com
Accept-Encoding: gzip, deflate, br
Host: www.media-qurator.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.media-qurator.com/app.527d3ff2ac18e2060221.css
Cookie: _ga=GA1.2.840410644.1624375887; _gid=GA1.2.1693919441.1624375887
Connection: keep-alive
Origin: https://www.media-qurator.com
Referer: https://www.media-qurator.com/app.527d3ff2ac18e2060221.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: *.media-qurator.com *.licensekeyserver.com *.s3.amazonaws.com *.s3.us-west-2.amazonaws.com *.boxcdn.net *.box.com *.boxcloud.com *.google.com *.google-analytics.com *.googleapis.com *.gstatic.com *.sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com *.zopim.com wss://*.zopim.com *.zopim.io *.zendesk.com *.tawk.to wss://*.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://*.logrocket.io https://*.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Mar 2021 18:14:28 GMT
Server: nginx/1.13.9
ETag: "605e2484-26550"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/font-woff2
Cache-Control: max-age=86400
Date: Tue, 22 Jun 2021 15:31:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes
Content-Length: 157008
X-XSS-Protection: 1; mode=block

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 697ms
697ms Fetch
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5ac717c94b401e45400e64fa&widgetId=default&sv=undefined

Requested by

Host: www.media-qurator.com
URL: https://www.media-qurator.com/vendors.75eb7349.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eceeb9d511d2f65ca0df7d365ae6ec48a076e2d0b7da26daba3541af980b2a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.media-qurator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad5f221f900004e7976293000000001
x-served-by: visitor-application-preemptive-pv20
server: cloudflare
etag: W/"2-53-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 6636861659474e79-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H3-29 200 en.js Show response
embed.tawk.to/_s/v4/app/60d19012b18/languages/ 16 KB
4 KB 34ms
33ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60d19012b18/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-chunk-common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b501d85b6ed1b5e66057dcde486ca7668ece819efb85d9e7242f49261b2379a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.media-qurator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 28985
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad5f224bf0000979c55b79000000001
last-modified: Tue, 22 Jun 2021 07:25:29 GMT
server: cloudflare
etag: W/"d53834b02ca3e2bd713150a71f06bd85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6636861ac80d979c-FRA

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.media-qurator.com/	1970-01-19 19:14:22	Name: _gid Value: GA1.2.1693919441.1624375887
			.media-qurator.com/	1970-01-20 12:44:07	Name: _ga Value: GA1.2.840410644.1624375887

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.media-qurator.com/vendors.75eb7349.chunk.js(Line 2) Message: [react-ga] ReactGA.initialize must be called first or GoogleAnalytics should be loaded manually
console-api	log	URL: https://www.media-qurator.com/vendors.75eb7349.chunk.js(Line 2) Message: reCAPTCHA couldn't find user-provided function: onloadCallback

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: .media-qurator.com .licensekeyserver.com .s3.amazonaws.com .s3.us-west-2.amazonaws.com .boxcdn.net .box.com .boxcloud.com .google.com .google-analytics.com .googleapis.com .gstatic.com .sharepointonline.com spoprod-a.akamaihd.net graph.microsoft.com .zopim.com wss://.zopim.com .zopim.io .zendesk.com .tawk.to wss://.tawk.to https://cdn.jsdelivr.net https://cdn.logrocket.io https://cdn.lr-ingest.io https://.logrocket.io https://.lr-ingest.io https://www.pdftron.com; frame-src * 'self' 'unsafe-inline' 'unsafe-eval' blob:; child-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.lr-ingest.io
embed.tawk.to
fonts.googleapis.com
links.media-qurator.com
va.tawk.to
www.google-analytics.com
www.google.com
www.gstatic.com
www.media-qurator.com
2606:4700:10::6816:1883
2606:4700:10::6816:1983
2606:4700:3035::6815:327f
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2004
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
44.238.164.117
11aa729f082d52228a03462f45bdd73eaee882ce1ecfe5f8f4f462dd3317518c
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
20568af44ab9b900de7d9f4d286cb26181af272d5ca6d1bb0789ae5483003643
34c049931d6e43ccbf022f82ed0db600452fa40cc93f8ddc3210e016b8f77440
394d0208a7de1d025ef65acd3ff45a7aff16e7ec87a52d3a75b2c313084a9f81
3c7a9957261e6011a3a43f78c41a3968c90682440fc6aa54f27c66e88c598dce
3dc37503c1b37476f6652fdf2c26f74053ed263bb5af9efcee3c1a21d374f665
3eceeb9d511d2f65ca0df7d365ae6ec48a076e2d0b7da26daba3541af980b2a9
464741f5b64bccbe3ceb9727fcfda701785e85786e25856b4eea54b22a4b4ca0
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
6106020992214e059be0c1af11b07e0019cb218451dda6d375d319ed0c6e27fa
6177e36080bd679cdaf96178b61bfe5484b4e1a4c140f96af411c2a642e2c1f3
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7ab6a25b3bfe17a0705d5017781df867ba5ccb3238943115697016ffd35e19e0
82d6fc4c3696a39cd702d55c123391e2ffe4b6c01b7af6171317482dd9d3dfd2
88f5f804cbbdde6c6a0b9141af723ad459ab40fa7a7b3ffa9b9e9d5015f26807
8e93d7226bf7286091084529e0c6e2f0d81196f71d01002df0caf3900e1c63b4
95fc03823da1b0ce2acb684a17e8234b7590d968a10c20d9744f58e56259e636
aa1d145ff08b4c807496405e30820fdf89e46175ca7c318c83f14b3cd88ad4c9
b082db3eecd020183abb7c2ac281a2ed6c0b28828aa868ea901d8980b9861964
b501d85b6ed1b5e66057dcde486ca7668ece819efb85d9e7242f49261b2379a7
d956c579571349ff1bd90b76fae5b58ea365a51c945ee9c34d2ed1f4d9530ddb
e34f7ea735237115e95c00d0f227791bbd0e6bae64c3ba5bce2db783edbe133d
e5847165b3635f91f5348803812b44487a43ca33d99fd5f018cfa904be7fa267
ecaf1bdac83aed4f44449b88c396b8fbbe2854bad9e1d65343af86ac35f88abf

www.media-qurator.com Open in urlscan Pro 44.238.164.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

96 %HTTPS

88 %IPv6

7 Domains

9 Subdomains

9 IPs

2 Countries

4571 kBTransfer

15291 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

2 Cookies

2 Console Messages

Security Headers

www.media-qurator.com Open in urlscan Pro
44.238.164.117 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

96 %
HTTPS

88 %
IPv6

7
Domains

9
Subdomains

9
IPs

2
Countries

4571 kB
Transfer

15291 kB
Size

2
Cookies

26 HTTP transactions
0 data transactions